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DETAILED ACTION 

1 . Claims 1 -65 have been examined. 

Claim Rejections - 35 USC § 112 

2. The claims are generally narrative and indefinite, failing to conform with current 
U.S. practice. They appear to be a literal translation into English from a foreign 
document and are replete with grammatical and idiomatic errors. Examiner has great 
difficulty comprending the meaning of the claim language, Ex: In Claim 3, applicant 
states "...according to a degree to which each of the this is vague and indefinite. 
Other examples of vagueness is throughout the 65 claims. Proper correction is 
required. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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Claims 1-2, 33-34 are rejected under 35 U.S.C. 102(e) as being anticipated by 

Fuh. 

4. In regards to Claims 1 and 33, Fuh teaches of a filtering apparatus which is 
interposed between a client and a server 

a. an illegal pattern database (ACL list) which stores patterns of illegal 
accesses to the server (Col 9, lines 45-55); a pattern estimation unit which 
estimates legality of each of the access requests based on the illegal access 
patterns stored in the illegal pattern database and on a predetermined pattern 
estimation rule (Col 9, lines 51-55); and a pattern determination unit which 
determines whether each of the access requests is to be transmitted to the 
server based on the estimation by the pattern estimation unit and on a 
predetermined pattern determination rule (Col 9, lines 55-65). 

5. In regards to Claims 2 and 34, Fuh teaches of wherein the pattern estimation unit 
estimates that each of the access requests is an illegal access if the access request 
corresponds to any one of the illegal access patterns stored in the illegal pattern 
database, and estimates that the access request is a legal access if the access request 
does not correspond to any one of the illegal access... (Col 9, lines 45-67). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 3-15,16-19,26-30,35-47,48-51,58-62,65 are rejected under 35 U.S.C. 

103(a) as: being unpatentable over Fuh and further in view of Carter. 

6. In regards to claim 3 and 35 Fuh does not explicitly teach of wherein the pattern 
estimation unit calculates a predetermined estimation value according... .Carter teaches 
on this aspect (Paragraph [0006] and [0447]. One of ordinary skill in the art at the time 
of invention would have been motivated to make the above mentioned modifications for 
the reasons discussed in Carter, Paragraph[0005]. 

7. In regards to claim 4 and 36, Fuh teaches about a legal pattern database which 
stores ... and a predetermination unit which predetermines whether each of the access 
requests corresponds... (Col 9, lines 59-67). Fuh does not explicitly teach of wherein 
the pattern estimation unit estimates the legality of only the access request determined 
not to correspond to any one of the legal access patterns by the predetermination unit. 
Carter teaches on this aspect Paragraph [0006]. One of ordinary skill in the art at the 
time of invention would have been motivated to make the above mentioned 
modifications for the reasons discussed in Carter, Paragraph[0005]. 

8. In regards to Claim 5,1 6 and 37,48 Fuh does not explicitly teach of a external 
transmission unit which transmits each of the access requests determined not to be 
transmitted to the server by the pattern determination unit, to a predetermined external 
device based on a predetermined external transmission rule. Carter implicity teaches 
on this aspect (Paragraph [0006, lines 17-19). One of ordinary skill in the art at the time 
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of invention would have been motivated to make the above mentioned modifications for 
the reasons discussed in Carter, Paragraph [0005]. 

9. In regards to Claim 6,17 and 38,49 Fuh teaches about a storage unit (Fig 4, item 
424) which stores each of the access request (Col 9, lines 50-55). 

10. In regards to Claim 7, 18-19 and 39,50-51 Fuh does not explicitly teach of a 
update unit which updates the illegal... Carter teaches on this aspect (Paragraph 
[0228,0253]). One of ordinary skill in the art at the time of invention would have been 
motivated to make the above mentioned modifications for the reasons discussed in 
Carter, Paragraph [0005]. 

11. In regards to Claim 8, and 40 Fuh teaches about an access request transmission 
unit which transmits, as a legal access request, (Col 9, lines 50-65) but but does not 
explicitly teach of only the access request determined to be transmitted to the server by 
the pattern and statistic determination units, to the server statistically illegal request 
database .... from the statistic of the access requests for the server; a statistic 
estimation unit ... a statistic determination unit; Carter implicitly teaches on these 
aspects. Carter teaches of using statistical analysis to detect anomalous events (Page 
58, 2 nd Col, Claim 20). Motivation is same as discussed in Claim 7. 

12. In regards to Claim 9-1 1 and 41-43 Fuh does not explicitly teach of the 
statistically illegal request database stores transmitting end information on the clients 
each of which issues access requests.... stores request contents of the access 
requests.... and determines that the access request estimated as the legal access by 
the statistic estimation unit is to be transmitted to the server. Carter teaches on these 
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aspects (Page 58, 2 nd Col, Claim 20, Paragraph [0205,0204,0216]). Motivation is same 
as discussed in Claim 7. 

13. In regards to claims 12 and 44 Fuh does not explicitly teach the statistically illegal 
request database stores transmitting end information on the clients.... calculates a 
predetermined estimation value according to a degree to which the transmitting end... 
Carter teaches on these aspects (Paragraph [0204-0205, 0216,0006]). Motivation is 
same as discussed in Claim 7. 

14. In regards to claims 13-15 and 45-47 Fur teaches about estimating the legality of 
access request (Col 9, lines 45-60) but does not explicitly teach of statistic 
estimation... Carter implicitly teaches on these aspects (Page 58, 2 nd Col, Claim 20). It 
should be noted that Carter is explicit about detecting anomalous; however it would 
have been obvious to one of ordinary skill in the art at the time of invention to extend his 
invention so that the statistical analysis can correspond to legal access request as well 
based on what is taught by Carter in Paragraph [0183]. Motivation is same as discussed 
in Claim 7. 

15. In regards to claims 26-29and 58-61 Fuh does not explicitly teach of an access 
request decryption step of decrypting... the access request which has been subjected to 
the predetermined encryption processing. Carter teaches on these aspects (Paragraph 
[0225-0226]. Motivation is same as discussed in Claim 7. 

16. In regards to claims 30 and 62 Fur implicitly teaches of a pseudo-response 
database Iwhich stores pseudo-responses corresponding to the patterns of the illegal 



Application/Control Number: 10/087,807 Page 7 

Art Unit: 2142 

accesses to the server... (Fig 7a, item 707, 7b, item 736, Col 11, lines 20-30, Col 13, 
lines 29-30). 

1 7. In regards to claim 65, Fur teaches about a computer program containing 
instructions which when executed on a computer causes the computer to perform a 
filtering method... .(Col 9, lines 50-63, Col 19, Claim 8). Fur does not explicitly teach 
about a pattern estimation step of referring to an illegal pattern database which stores 
patterns of illegal accesses to the server, and estimating legality... Carter teaches on 
these aspects (Paragraph [0272,0412]). Motivation is same as discussed in Claim 7. 

Claims 31 -32 and 63 -64 are rejected under 35 U.S.C. 1 03(a) as being, 
unpatentable over Fuh as applied to claiml and 33 above, and further in view of Carter 
and Cahill (US 6535855). 

18. In regards to claims 31 and 63 Fur does not explicitly teach of decoy unit which 
receives the access requests each of... Cahill teaches on these aspects (Col 12, lines 
50-55, Col 13, lines 20-35). One of ordinary skill in the art at the time of invention would 
have been motivated to make the above-mentioned modifications for the reasons 
discussed in Carter (Paragraph [0026]). 

1 9. In regards to claims 32 and 64 Fur implicitly teaches of a pseudo-response 
database which stores pseudo-responses corresponding to the patterns of the illegal 
accesses ... and a pseudo-response transmission unit which transmits the pseudo- 
responses created by the pseudo-response (Fig 7a, item 707, 7b, item 736, Col 1 1 , 
lines 20-30, Col 13, lines 29-30). Fur does not explicitly teach of a decoy unit which 
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receives the access requests which do not correspond to the illegal access patterns 
stored in the pseudo-response database... Carter teaches of access request which do 
not correspond to the illegal access patterns (Col 9, lines 30-65) and Cahill teaches of a 
decoy unit (Col 13, lines 20-25). Motivation is the same as discussed in Claim 7 and 
Claim 17. 

Claims 20-21 and 52-53 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fuh as applied to claim 1 and 33 above, and further in view of 
Kashani. 

20. In regards to Claims 20 - 21 and 52-53 Fuh teaches about a database with 
stores patterns of illegal request (ACL, Col 9, lines 35-65) but does not explicitly teach 
of illegal responses. Kashani teaches on this aspect (Paragraph [0120]). One of 
ordinary skill in the art at the time of invention would be motivated to make the above- 
mentioned modifications for the reasons discussed in an analogous art (Birrel, 
Paragraph [0004]). 

Claims 22-25 and 54-57 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fuh as applied to claims 1 and 33 above, and further in view of 
Carter and Kashani. 

21 . In regards to claims 22-25 and 54-57 Fur does not explicitly teach about illegal 

response database threshold value.... external transmission unit.... storage of 

response that is not transmitted... .and update unit Carter teaches on threshold value 

(Paragraph[0006, 02 18].... external transmission unit(Paragraph[0006].... storage of 
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information that is not transmitted(Paragraph[0006]) that is not transmitted.... and 
update unit (Paragraph[0253]) but does not explicitly teach about illegal responses. 
Kashani teaches on this aspect (Paragraph [0120]). Motivation is the same as 
discussed in Claim 7 and Claim 20. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Cheryl M. Reid whose telephone number is 571 272 
3903. The examiner can normally be reached on Mon- Fri (7-3:30). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jack Harvey can be reached on (571 )272-3896. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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